Check Point uncovered the major security risks and threats that impact organizations worldwide. Their new report examines the leading security threats, the risky web applications that compromise network security, and incidences of unintentional loss of data caused by employees.

The report is based on research from 888 companies worldwide, and gives insight into the network security events that actually occurred within organizations during 2012, and the security risks that companies are exposed to.

Hidden security threats

The research revealed that 63% of organizations globally were infected with bots, and 53% were infected with new malware at least once a day as a result of existing infections on their networks. 70% of the bots detected communicated with their external command centres at least every 2 hours. 58% of command centers are based in the USA, with just 4% in China.

It also highlighted that 75% of organizations are not using the latest software versions in popular software (Acrobat Reader, Flash, Internet Explorer, Java), which can lead to security vulnerabilities. Also, 44% were not using the latest Microsoft Windows Service Packs, which include the latest Microsoft security updates.

Risky Web 2.0 applications

91% of organizations used applications with potential security risks, giving hackers an unprecedented range of options for penetrating corporate networks. 61% of organizations were found to be using P2P file-sharing, and 43% using anonymizer applications: in the majority of cases, this usage conflicted with the organization’s web usage and security policies, and can potentially open a backdoor to networks. 69% of organizations were found to be using Dropbox for cloud storage.

Data loss incidents

54% of organizations had at least one potential data loss incident as a result of emails being sent in error to an external recipient, or information being incorrectly posted online. Credit card information was the most common type of sensitive information sent outside organizations (29%), and public sector bodies and financial companies were the most likely to do this.

“Our research uncovered many alarming vulnerabilities and security threats on networks that most organizations were not aware of,” said Amnon Bar-Lev, president of Check Point. “With clearer visibility of these, IT professionals can now better define a security blueprint to protect their organizations from the constant stream of evolving security threats, ranging from botnets, to employees using risky web applications like anonymizers, to data loss.”

Spotlight

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.